I don\'t know much about network engineering since I just started becoming a pro

Question

I don't know much about network engineering since I just started becoming a programmer. The situation is, that my company has a web-interface hosted on one of our servers that is connected to the internet. Employees of the company log into the web-interface with their password and fill out a form/upload data. Now i want this data to be put into a folder on another server that's used to store customer data. This second server is not connected to the internet.

If we allow the first server to write into the second one, is there a way to ensure it is only done by users in the web-interface and not by someone hacking into the server? Are there other security concerns we have to think about and what can be done about them?

Explanation / Answer

This is more of a Server fault question but I'll try to answer it anyway.

The best way is to protect against this is by NOT allowing the server to write directly to the other (hidden) server.

this can be done through several means like:

- A Proxy (the public faced server proxies the file saving to the private server)
- A Polling system (the private server checks regularly if there are 'new' files. and if so copies them from the public server)
- A Pulling system (the public server notifies the private server it has a new file through some other means [a web-service for example] and than the private server copies the file from the public server)

All of these need some other method to protect the private server from misuse, but it does limit "arbitrary" use by a hacker of your servers.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.